>From: [email protected] On Behalf Of Mithun Kumar
>Sent: Thursday, 30 August, 2012 19:50
>openssl s_client -connect NC-WIN2008X64:1433 -state -debug -msg -ssl3
>CONNECTED(00000003)
>SSL_connect:before/connect initialization
>write to 08A018A8 [08A0B660] (100 bytes => 100 (0x64))
<snip>
>>>> SSL 3.0 Handshake [length 005f], ClientHello
<snip>
>SSL_connect:SSLv3 write client hello A
>read from 08A018A8 [08A06E50] (5 bytes => 0 (0x0))
>SSL_connect:failed in SSLv3 read server hello A
>12542:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:
>ssl handshake failure:s3_pkt.c:529:
>Any idea why handshake is failing?
Read count 0 nominally means the server closed the TCP connection,
neither continuing the handshake (with ServerHello) nor cleanly
aborting (with alert). A compliant server shouldn't do this,
but some do, especially if it judges you shouldn't be allowed to
connect e.g. blacklisted IPaddr, too many attempts too fast, etc.
Ask the server operator(s) why it didn't/doesn't like you.
Alternatively, there is a remote possibility some middlebox in
your network path such as a firewall is doing the close. However
middleboxes usually do this earlier: on the TCP connection (SYN)
not during SSL handshake, which is "just" data to the TCP/IP level.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
